304 research outputs found
Developments in multivariate post quantum cryptography.
Ever since Shor's algorithm was introduced in 1994, cryptographers have been working to develop cryptosystems that can resist known quantum computer attacks. This push for quantum attack resistant schemes is known as post quantum cryptography. Specifically, my contributions to post quantum cryptography have been to the family of schemes known as Multivariate Public Key Cryptography (MPKC), which is a very attractive candidate for digital signature standardization in the post quantum collective for a wide variety of applications. In this document I will be providing all necessary background to fully understand MPKC and post quantum cryptography as a whole. Then, I will walk through the contributions I provided in my publications relating to differential security proofs for HFEv and HFEv-, key recovery attack for all parameters of HFEm, and my newly proposed multivariate encryption scheme, HFERP.
Resilient networking in wireless sensor networks
This report deals with security in wireless sensor networks (WSNs), especially at the network layer. Multiple secure routing protocols have been proposed in the literature. However, they often rely on cryptography to secure routing functionality. Cryptography alone is not enough to defend against multiple attacks that stem from node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, which already contain some inherently resilient properties against attacks in which some portion of the network nodes is compromised? If yes, which specific behaviors make these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus on the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR).
Security and Privacy Issues in Wireless Mesh Networks: A Survey
This book chapter identifies various security threats in wireless mesh networks (WMNs). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, and application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and, wherever possible, prevent these attacks. Comparative analyses are also presented on the security schemes with regard to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved, etc. The chapter then presents a brief discussion on various trust management approaches for WMNs, since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.

Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous arXiv submission, arXiv:1102.1226. There are some text overlaps with the previous submission.
A two-step authentication framework for Mobile ad hoc networks
The lack of fixed infrastructure in ad hoc networks causes nodes to rely more heavily on peer nodes for communication. Nevertheless, establishing trust in such a distributed environment is very difficult, since it is not straightforward for a node to determine if its peer nodes can be trusted. An additional concern in such an environment is whether a peer node is merely relaying a message or is the originator of the message. In this paper, we propose an authentication approach for protecting nodes in mobile ad hoc networks. The security requirements for protecting the data link and network layers are identified and the design criteria for creating secure ad hoc networks using several authentication protocols are analyzed. Protocols based on zero knowledge and challenge response techniques are presented and their performance is evaluated through analysis and simulation.
Trust-based secure routing against lethal behavior of nodes in wireless adhoc network
Offering secure communication in a wireless ad hoc network is still an open problem, despite the large body of existing literature on security enhancement. The existing trend of solving specific forms of attack in ad hoc networks lowers the applicability of existing security solutions when the application environment or attack scenario changes. Therefore, the proposed system implements an analytical secure routing model which consistently monitors the malicious behaviour of neighboring nodes and lets the source nodes make decisions towards secure routing. Harnessing the potential of conceptual probabilistic modeling, the proposed system is capable of, as well as applicable to, resisting the maximum number and types of threats in a wireless network. The study outcome shows that the proposed scheme offers better performance than the existing secure routing scheme.
Revisiting (R)CCA Security and Replay Protection
This paper takes a fresh approach to systematically characterizing, comparing, and understanding CCA-type security definitions for public-key encryption (PKE), a topic with a long history. The justification for a concrete security definition is relative to a benchmark application (e.g. confidential communication): Does the use of a PKE scheme satisfying the definition imply the security of the application? Because unnecessarily strong definitions may lead to unnecessarily inefficient schemes or unnecessarily strong computational assumptions, security definitions should be as weak as possible, i.e. as close as possible to (but above) the benchmark. Understanding the hierarchy of security definitions, partially ordered by the implication (i.e. at least as strong) relation, is hence important, as is placing the relevant applications as benchmark levels within the hierarchy. CCA-2 security is apparently the strongest notion, but because it is arguably too strong, Canetti, Krawczyk, and Nielsen (Crypto 2003) proposed the relaxed notion of Replayable CCA security (RCCA) as perhaps the weakest meaningful definition, and they investigated the space between CCA and RCCA security by proposing two versions of Detectable RCCA (d-RCCA) security which are meant to ensure that replays of ciphertexts are either publicly or secretly detectable (and hence preventable).

The contributions of this paper are three-fold. First, following the work of Coretti, Maurer, and Tackmann (Asiacrypt 2013), we formalize the three benchmark applications of PKE that serve as the natural motivation for security notions, namely the construction of certain types of (possibly replay-protected) confidential channels (from an insecure and an authenticated communication channel). Second, we prove that RCCA does not achieve the confidentiality benchmark and, contrary to previous belief, that the proposed d-RCCA notions are not even relaxations of CCA-2 security. Third, we propose the natural security notions corresponding to the three benchmarks: an appropriately strengthened version of RCCA to ensure confidentiality, as well as two notions for capturing public and secret replay detectability.
Multilevel adaptive security system
Recent trends show increased demand for content-rich media such as images, videos and text in ad hoc communication. Since such content often tends to be private, sensitive, or paid for, there exists a requirement for securing such information over resource constrained ad hoc networks. In this work, traditional data security mechanisms, existing ad hoc secure routing protocols and multilevel security are first reviewed. Then a new system, called the Multilevel Adaptive Security System (MLASS), which incorporates the multilevel security concept at both the application layer and the network layer, is proposed to provide adaptive security services for data and routing processes.
MLASS is composed of two subsystems: Content-Based Multi-level Data Security (CB-MLDS) for content-rich data protection and Multi-Level On-demand Secure Mobile Ad hoc Routing (MOSAR) for secure route selection. The structure of each sub-system is explained in detail; experiments for each sub-system were conducted and the performance was analyzed. It is shown that MLASS is a practical security solution that is flexible enough to adapt to a range of security requirements and applies the appropriate level of security services to data and its distribution over ad hoc networks. MLASS provides a balance between security, performance and resource